Glossary
Like all industries, we have our own terms and abbreviations to deal with business continuity / disaster recovery planning and implementation.
Please scroll down to find the appropriate translation to plain English.
Alert
A warning of a potential or imminent incident prior to it actually occurring.
Alternate Site
See Standby Site
Back-up Generator
A source of power independent of the main electricity grid, which can be 'switched-in' to replace lost power supply. These generators can be purchased, leased or hired.
Backups
See Data Backup
BCMSC
See also Business Continuity Management Steering Committee
BCP
See Business Continuity Planning
BCP Co-ordinator
A role within the Business Continuity team to administer and maintain records, plans, actions etc. relating to the development of the BCP. This may be a seconded or recruited post, or may be amalgamated into the Head of Business Continuity depending on the size and complexity of your business, operation or business continuity plans.
BCP Unit
Led by the Head of Business Continuity and including the BCP Co-ordinator, this function is responsible for the production, testing and training of the BCP.
BIA
See Business Impact Analysis
Business Continuity Management Steering Committee (BCMSC)
Depending on the size and complexity of your business or business continuity plans, you may decide to form a Steering Committee (called the BCMSC) to oversee the work of the Business Continuity Unit and any project management function you have created to ensure timely, cost effective and high quality output.
Business Continuity Management Strategy
The organisation staff roles and responsibilities that will have to implement the Business Continuity Plan (see also Crisis Management Team).
Business Continuity Plan
The documents that provide a framework for dealing with an emergency, disaster or crisis.
Business Impact Analysis
The Business Impact Analysis (BIA) identifies what would be the impact upon the organisation’s goals if critical processes and functions were disrupted or lost and what the recovery time scales and requirements are. This is then documented and maintained.
Business Recovery Centre
See Standby Site
Call Tree
An organisation chart indicating who contacts whom in the event of an emergency. Often represented as a tree structure or hierarchy chart.
Cascade Chart
See Call Tree
Category A
The definition of recovery requirements for a unit, function or department within the BCP, A represents those areas where there is No tolerance for disruption.
Category B
The definition of recovery requirements for a unit, function or department within the BCP, B represents those areas where the requirement is for Resumption within 24 hours.
Category C
The definition of recovery requirements for a unit, function or department within the BCP, C represents those areas where the requirement is for Resumption within 48 hours.
Category D
The definition of recovery requirements for a unit, function or department within the BCP, D represents those areas where the requirement is for Resumption within one week.
Category E
The definition of recovery requirements for a unit, function or department within the BCP, E represents those areas where the requirement is for Resumption after one week.
Checklist
A common form of document that presents a set of issues to be addressed or to allow you to identify which issues have/have not been addressed.
Cold Site
An expression often used in Business Continuity Planning for an alternative or standby site that can be called in to use when a BCP is invoked, with the IT, telecoms, office facilities etc. installed at the time of invocation. Invariably this is a less expensive option than a warm or hot site where the IT, telecoms and office facilities are ready at all times.
Command Centre
Location where the Crisis Management Team will operate from in the event of the invocation of the Business Continuity Plan.
Contingency
Actions taken as part of risk management in the event of a disaster, emergency or crisis.
Contingency Planning
Often used as an alternative name for Business Continuity Planning, this is the process of defining and establishing the actions required by an organisation in the event of an emergency, disaster or crisis.
Crisis
A critical event that may have an impact on the business such as to significantly reduce its ability to operate, its reputation or its financial security.
Crisis Management Team
The designated staff members who will lead the response in the event of an emergency, disaster or crisis and invoke/implement the Business Continuity Plan. Within this team and reporting to it will be a range of other teams and functions depending on the complexity of the organisation and business continuity plans.
Critical Data
See Critical Functions
Critical Functions
Used to categorise those business units, activities or areas (or their data) that cannot be interrupted for a noticeable period without significantly affecting an organisation's ability to operate, its reputation or its financial security.
Critical Infrastructure
Those systems or facilities that cannot be interrupted for a noticeable period of time without significantly affecting the organisation's ability to operate, its reputation or its financial security.
Critical Systems
See Critical Infrastructure
Damage Assessment
An assessment by qualified professionals of the degree of damage to Critical Infrastructure following an incident. This will include an estimate of the time required to repair the damage and allow resumption of use of the facilities/infrastructure.
Data Backup
The storage of critical and operational data to ensure it is not lost in the event of a disaster, emergency or crisis.
Deliverables
Outputs from a project. In terms of Business Continuity Planning, the principal outputs are the planning documents themselves, and the RIA and BIA that were carried out to arrive at the plan and implemented recovery facilities.
Desk Check
A review or test of a plan by one or more people reading and discussing the contents of the plan. Possibly involving a discussion through a scenario and taking the invocation of the plan in a sequential order. See also Peer Review.
Disaster
Any incident that causes a severe disruption to the working environment of a business or organisational unit, as defined by the facilities and personnel, which results in an inability to function or to provide service to internal or external customers.
Disaster
A critical event that may have an impact on the business such as to significantly reduce its ability to operate, its reputation or its financial security.
Disk Mirroring
A technical IT process that allows data to be held concurrently on two separate physical units (potentially at different sites).
Document Registry
A list of all key documents within Business Continuity Planning including information such as location, authorship, date of last update etc.
Emergency
A critical event that may have an impact on the business such as to significantly reduce its ability to operate, its reputation or its financial security.
Emergency Operations Centre
See Command Centre
Evacuation Procedure
Instructions to staff of what to do in the event of a disaster, emergency or crisis.
Hazard Identification
See Risk Identification and Assessment
Head of Business Continuity
A high profile role to ensure that company, operation or site is well prepared and able to respond to both internal and external events and incidents which may impact on its continued business operations.
Health Check
A document that enables you to test your own readiness to deal with a disaster and to identify key elements of business continuity and best practice.
Hot Site
An expression used in Business Continuity Planning for an alternative or standby site that can be called in to use when a BCP is invoked and has the IT, telecomm’s, office facilities etc. permanently installed and available. Invariably this is a more expensive option than a cold site where the IT, telecomm’s and office facilities are installed when the plan is invoked.
Incident Command Centre
See Command Centre
Integrated Test
A test that is carried out across several, if not all functions, to test recovery of the end-to-end business processing.
Interim Site
See Standby Site
Loss Reduction
See Mitigation
Mitigation
Action taken as part of risk management to reduce the likelihood and/or impact of a risk.
Mock Disaster
See Scenario Testing
Objectives of BCP
Should include as a minimum 1) Staff safety, welfare and internal communications, 2) Resumption of critical business functions, 3) Meeting contractual obligations, 4) Management of risk, 5) Maintenance of customer confidence and reputation, 6) Meeting all legal and regulatory requirements.
Ownership
Ownership within Business Continuity Planning is a very important concept and must rest with the most senior management within an organisation.
Peer Review
Review of a part of the Business Continuity Plan by a group of staff to evaluate its likely effectiveness.
PLAN-IT-CONTROL-IT
A resource or toolbox of documents that enables you to develop your own BUSINESS CONTINUITY PLANS by tailoring a series of plans, checklists, spreadsheets, report layouts, training guides, templates and forms.
Project Structure
Projects should be divided into the following structure : Phases, then Activities within Phases, and finally Tasks within Activities.
Quick Hits Document
A series of simple and easy to implement actions that, if followed, will allow a measure of control and containment in the event of an emergency, disaster or crisis.
Reciprocal Agreement
A procedure sometimes used by two or more comparable organisations (or units within the same organisation) to provide 'cover' for each other in the form of potential standby sites, data back-up etc.
Rehearsal day
Day or days where the organisation's disaster recovery and/or business continuity plans are tested for validity.
Resumption
A measurement of how quickly a department, unit or area will need to be operating again in order to minimise the impact to the business.
RIA
See Risk Identification and Assessment
Risk Identification and Assessment
Risk Identification and Assessment (RIA) is used to determine the internal and external threats that could cause loss or disruption and their likelihood of occurrence.
Risk Log
Register of risks identified within RIA and determining likelihood, impact and actions to be taken.
RPO (Recovery Point Objective)
RPO is the point in time by which you must recover data as defined by your organisation.
RTO (Recovery Time Objective)
RTO is the duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity.
Scenario Testing
Testing of a Business Continuity Plan through a realistic feigned disaster, emergency or crisis. Staff act their roles as if a real emergency had occurred.
Standby Site
A location with contracted or prearranged facilities that can be used as an emergency location for key staff in order to resume some degree of trading. This standby site may be externally contracted or be another location within the organisation.
Supplier List
A register of all key suppliers identified from within the business as part of BIA and RIA, and detailing key information about each supplier on the supplier list. This will include contact details, owner within the organisation, extent of supplier BCP's etc.
Version Control
Information added to a document to allow the latest version/update to be identified. This should include version number and issue date.
Warm Site
A standby site with facilities in place which are partly configured but which will need additional work following an incident to become fully operational. An intermediate state between a Cold Site and a Hot Site.
